Big items to consider: The European Commission has filed a formal antitrust complaint against Google and has accused the company of wielding its power as the world’s leading phone software supplier to impose its search and Web programs on billions of mobile users. A new variant of POS malware, “multigrain” has been found by FireEye – the malware targets systems that run the POS process multi.exe. Oracle has adopted the new CVSS 3.0 vulnerability rating system that has resulted in 136 flaws that were rated as high and critical. Apple warns that QuickTime for Windows PC has known flaws – the Department of Homeland Security issued a public statement urging anyone using QuickTime to uninstall the product due to Apple ceasing development and no longer supporting security updates.

The European Commission sent Google a formal antitrust complaint, accusing the company of striking restrictive contracts that require makers of tablets and phones to install its search and Web browser on new phones. The company also unfairly pays phone makers and telecom operators a share of advertising revenue if they agree to make Google’s search engine the default on devices, the EU said Wednesday. By sending a statement of objections, the EU is opening a new front in its antitrust battle with the Alphabet Inc. unit — paving the way for potentially huge fines and radical changes to the way the company does business. It comes a year after the EU issued a formal complaint regarding Google’s comparison-shopping service.

A variant of the NewPosThings POS malware family, dubbed Multigrain, has introduced an interesting wrinkle—exfiltrating stolen payment card data from POS systems via the Domain Name System (DNS), as opposed to via HTTP or File Transfer Protocol (FTP), FireEye explained in its threat research blog on Tuesday. Because DNS is conventionally used to translate domain names into IP addresses, and not to transfer general data, the system is often overlooked by cybersecurity officials when assessing potential threats to their organizations. While HTTP or FTP traffic might be closely monitored or restricted to prevent unauthorized external queries, the DNS “is still necessary to resolve hostnames within the corporate environment and is unlikely to be blocked,” explains the FireEye blog. Consequently, DNS remains vulnerable to cyber intruders, making this tactic especially appealing to sneaky cybercriminals.

Oracle has released another monster quarterly security update containing 136 fixes for flaws in a wide range of products including Oracle Database Server, E-Business Suite, Fusion Middleware, Oracle Sun Products, Java, and MySQL. The biggest change is Oracle’s adoption of the Common Vulnerability Scoring System (CVSS) version 3.0, which more accurately reflects the impact of flaws than CVSS 2.0. This Oracle Critical Patch Update (CPU) has both CVSS 3.0 and CVSS 2.0 scores for vulnerabilities, providing a chance to compare how the new rating system might affect Oracle patch prioritization inside organizations. One immediately noticeable change is that there are five vulnerabilities rated with the maximum score of 10.0 based on the CVSS 2.0 scale, but none when using the CVSS 3.0 rating. At first glance, this would suggest that based on CVSS 3.0, flaws are rated as less critical, but that’s not true.

Do you have Apple QuickTime installed on your Windows PC? It’s time to remove it. There are known flaws that can be exploited relatively easily, and Apple has confirmed that it is no longer supporting the software. The US-CERT, part of the Department of Homeland Security, recently issued a public statement urging anyone using QuickTime for Windows to uninstall the product immediately due to Apple ceasing development and therefore no longer issuing security updates. This alert stems from a recent call to action from TrendMicro, after the company’s Zero Day Initiative revealed two critical vulnerabilities: ZDI-16-241 and ZDI-16-242, affecting QuickTime for Windows.

Big items to consider: The entire Turkish citizen database has been leaked online, and the hack appears to be politically motivated. Microsoft released a 64-bit version of Windows 10 IoT Pro that is specifically designed for small internet-connected devices. Today Toyota announced a partnership with Microsoft to further develop a connected car and their systems to personalize to every driver. Lastly, in an interesting blog post, a security researcher explained how he hacked the Domino’s pizza app to bypass the payment page and get free pizza which highlighted the vulnerabilities located in company apps.

The entire Turkish citizenship database has allegedly been hacked and leaked online. A website with purportedly leaked details of 49,611,709 Turkish citizens is online and allegedly gives the following details of each citizen — including the Turkish President Tayyip Erdogan: National Identifier (TC Kimlik No), First Name, Last Name, Mother’s First Name, Father’s First Name, Gender, City of Birth, Date of Birth, ID Registration City and District, Full Address. The apparent hack seems to be politically motivated. The website reads: “Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?”

Microsoft today announced that it’s releasing a 64-bit (x64) version of Windows 10 IoT Core Pro. This is a special flavor of the edition of Windows 10 designed for small Internet-connected devices that’s exclusively available to original equipment manufacturers (OEM). “This will enable OEM/ODMs (original design manufacturers) to move between Windows 10 IoT Core and Windows 10 IoT Enterprise without the need to maintain a separate firmware image for their devices,” Brett Bentsen, partner group program manager for Windows IoT at Microsoft, wrote in a blog post. “Additionally, we’re making the Board Support Package for the Raspberry Pi open source (except for the UEFI parts) to help OEM/ODMs provide a customized board experience.”

Toyota announced an enhanced relationship with Microsoft on Monday aimed at delivering “connected car” services to drivers in ways they probably never could have imagined. Already, drivers ask the infotainment system in their cars for restaurant recommendations, but many locations often would require that a driver turn around. But with Toyota Connected, the system might be modified to only recommend restaurants on the highway ahead — and then only the kinds of food that the driver usually prefers.

Paul Price, a computer security researcher based in the United Kingdom, three years ago hit the pizza jackpot. He found a computer bug affecting a Domino’s mobile app on Google Android that allowed him to place orders free of charge. All Price had to do to hack the system was to input some obviously fake debit card information (Visa number: 4111111111111111), intercept the traffic between his phone and Domino’s computer servers, and tweak the data that typically turns up an error message, he says. Literally, he rewrote some code to read “accepted” instead of “declined,” which green-lit the order.

Big items to consider: Leaked documents dubbed the “Panama Papers” revealed financial schemes and offshore financing from some of the world’s most powerful people. The FBI has now promised to help unlock iPhones across the country, although not guaranteeing it will be able to use the same method that successful unlocked the San Bernardino terrorist phone. The investigation into MedStar Health continues as experts look into how to better protect hospitals. A study found that 90 percent of corporate executives said they don’t know how to read a cybersecurity report and 40 said they don’t feel responsible for the repercussions of hacking.

Governments across the world began investigating possible financial wrongdoing by the rich and powerful on Monday following a leak of documents from a Panamanian law firm which allegedly showed how clients avoided tax or laundered money. The documents detailed schemes involving an array of figures from friends of Russian President Vladimir Putin to relatives of the prime ministers of Britain, Iceland and Pakistan and as well as the president of Ukraine, journalists who received them said. While the “Panama Papers” detail complex financial arrangements benefiting the world’s elite, they do not necessarily mean the schemes were all illegal.

The FBI has promised to help local law enforcement authorities crack encrypted devices, in a letter that refers to the federal agency’s success in accessing the data on an iPhone 5c running iOS 9 that was used by one of the San Bernardino terrorists. The agency did not, however, explicitly promise investigators that it would deploy the same tool, said to have been developed by an outside organization, on other iPhones.

In some ways, health care is an easy target: Its security systems tend to be less mature than those of other industries, such as banking and tech, and its doctors and nurses depend on data to perform time-sensitive, life-saving work. Where a financial-services firm might spend a third of its budget on information technology, hospitals spend only about 2 to 3 percent, said John Halamka, the chief information officer of Beth Israel Deaconess Medical Center in Boston. “If you’re a hacker… would you go to Fidelity or an underfunded hospital?” Halamka said. “You’re going to go where the money is and the safe is easiest to open.”

More than 90 percent of corporate executives said they cannot read a cybersecurity report and are not prepared to handle a major attack, according to a new survey. More distressing is that 40 percent of executives said they don’t feel responsible for the repercussions of hackings, said Dave Damato, chief security officer at Tanium, which commissioned the survey with the Nasdaq. The findings come at a time when companies around the world are losing $445 billion due to cybercrime last year, according to an estimate by the Center for Strategic and International Studies.

Big items to consider: A new sneaky form of malware can be found on USB devices. This week, personal data from thousands of foreign nationals living in Thailand was leaked and appeared on the dark web. Six people have been charged with tampering a lottery terminal to produce more winning tickets. An art gallery is highlighting the intrusive nature of live surveillance cameras by spotting people jaywalking and allowing random people to report her jaywalker.

The Internet and the growing interconnectedness of networks have made it incredibly easy for threat actors to deliver and propagate malware. But not all cyber threats are Internet-borne. Take USB Thief, new malware sample that researchers at security firm ESET recently discovered. As its name implies, the malware is completely USB-borne, meaning it spreads exclusively through devices that plug into the USB port of computers.

The personal details of thousands of foreign nationals living in southern Thailand were briefly leaked online in what the site’s developer admitted Monday was a data breach during a test for police. The gaffe was spotted by social media users late Sunday when a database appeared online containing the names, addresses, professions and passport numbers of more than 2,000 foreigners living in Thailand’s southern provinces.

Six people have been charged in what prosecutors say was a scheme to hack Connecticut state lottery terminals so they produced more winning tickets and fewer losing ones. Of tickets generated at one liquor store, for instance, 76 percent were instant winners in one sample and 59 percentin another sample. The state-wide average, meanwhile, was just 24 percent. After manipulating the terminals, the suspects cashed the tickets and took the proceeds, prosecutors alleged.

The webcam’s public feed, like thousands of others like it, is accessible to anyone who can find its URL with a Google search. At an art gallery thousands of miles away, a tiny Raspberry Pi computer is streaming the video to a monitor while it analyzes the footage with a simple computer vision algorithm. It instantly snitches, flashing, “WOULD YOU LIKE TO REPORT THE JAYWALKER?” on the screen. If you’re a visitor at this gallery, you’ll face a choice: hit a red button in front of the computer, and it will send a screenshot of the incident in an email to the nearest police precinct, potentially costing her a $42 fine. Or you can let the oblivious lawbreaker go on her way.

For big data technologies like Hadoop and Spark, complexity remains a major barrier for their adoption. BlueData’s software makes it easier to deploy big data infrastructure and applications. Today, BlueData is launching the latest release of its EPIC software platform, which introduces several security and other upgrades to provide a smoother Big-Data-as-a-Service experience. The latest release incorporates many features and functionality enhancements requested by BlueData’s customers across multiple industries including financial services, pharmaceuticals, healthcare, technology, telecommunications, energy, government, and education. Additional new features include more granular resource management controls, QoS-based allocation, performance optimizations, and quota enforcement for multi-tenant big data deployments. The enterprise version of BlueData’s platform now provides additional security and governance capabilities to meet enterprise-class auditing and regulatory compliance requirements.

In order to take full advantage of big data platforms, such as Hadoop and Spark, IT and analytics teams often require a new education for configuring systems and partition data to maximize processing speeds. TechTarget examines the challenges some businesses have encountered when deploying Hadoop, including Valence Health, Progressive Insurance, and Sellpoints Inc. All organizations encountered issues with understanding Hadoop’s underlying structure and how to leverage the technology efficiently and quickly enough to receive a productive return-on-investment.

Alteryx has deepened its relationship with Microsoft in an announcement that sees Alteryx Designer available from a virtual machine on the Azure marketplace. This extends the relationship announced in October 2015 which saw Alteryx integrate with Microsoft Power BI. Alteryx Designer users are able to create a pre-configured virtual machine to rapidly speed up their time scales for realizing the benefits of analytics of their data. Using the Alteryx Designer workflows, analysts can reduce their time to insight in what Alteryx believes is hours rather than weeks. For those companies already invested in Alteryx it also seems like it is possible to migrate licenses from existing solutions onto the Azure platform, although Alteryx need to be contacted to process this. The Alteryx designer platform on Azure will not only be pre-configured to integrate with Power-BI but will also come with other new features. Among those are pre-defined examples of workflows that allow data analysts, new to the solution, to be able to rapidly deploy insights using their own data using the examples as a template for their own solutions. Alteryx Designer also delivers an intuitive user interface for self service analytics with workflows that combine data preparation, data blending, and analytics (predictive, statistical and spatial)

Marketing today walks a thin line between creepiness and helpfulness. B2C offers eight suggestions for marketers to follow to avoid being viewed as a “peeping tom.” The article suggests marketers refrain from making language and targeted advertising too personal before a customer relationship has been established. Additionally, marketers should practice patience with new customers and avoid bombarding them with emails simply because they purchased one item from a website. Another tip recommends avoiding personalizing a shopper’s experienced based upon minimal searches — e-marketers should segment their viewers and customers to target them in the correct ways.

In a new white paper from Cloud Security Alliance, there is some important information about security challenges and the increased risks of implementing virtual networks. The first risk of SDN is how SDN needs to be centralized around an overall controller that keeps track of the virtual network deployments and operations. This goes against the nature of cloud computing environments. Second, NFV infrastructure may not be compatible with existing virtual machine hypervisors and cloud servers. Third, the typical SDN deployment has its own hardware and management systems that may be unfamiliar to network administrators who are steeped in running traditional networks. The added complexity of NFV can hide potentially dire consequences including successful intruders that may manipulate the network routes. There are some benefits that can improve enterprise security with properly planned NFV, companies can build in security functions as part of their network fabric, such as intrusion prevention devices, virtual load balancers and firewalls.

Big items to consider: A google report identified how many sites still don’t use any security features. Security researchers have identified that there is new malware that can now infect apple devices that aren’t even jailbroken. A phishing attack has targeted banks in Russia by impersonating the Russian cybersecurity defense branch. Yet another android malware strand has been identified that can remotely take control of a device and spy on victims.

A new Google report shows, an alarmingly small number of the web’s most-trafficked sites use this vital security protocol. The Google audit shows that 79 of the web’s top 100 non-Google sites don’t deploy HTTPS by default, while 67 of those use either outdated encryption technology or offer none at all. The worst offenders include big names, like the New York Times and IMDB. (For what it’s worth, WIRED doesn’t currently offer HTTPS either. But we’re working on it.) That’s a big number, especially considering that these 100 sites combined comprise about 25 percent of all website traffic worldwide. It turns out that we’ve got a very vulnerable web.

Apple’s mobile operating system just got a nasty bug. Researchers from the cybersecurity firm Palo Alto Networks said on Wednesday that they discovered new malware that can infect Apple iOS devices even if they aren’t jailbroken. The fact that the newly discovered malware, dubbed AceDeceiver, affects non-tampered iOS devices is noteworthy because it shows that hackers are “getting around Apple’s security measures,” the researchers explained.

Dozens of banks in Russia were targeted this week by hackers pretending to be the security arm of the Russian Central Bank, FinCERT. While Phishing attacks against banks in Russia are nothing new, one posing as the center that’s supposed to defend banks against attacks like this is worth looking at. On March 14, shady individuals registered fincert.net, a false URL that – at a glance – would lead one to believe the domain is owned by FinCERT. However, fincert.net isn’t their domain; it’s actually cbr.ru.

Millions of Android users could be at risk from another ‘Stagefright’ security flaw after researchers claim to have made a working exploit that can remotely take control of a device and spy on victims – all in under 20 seconds. Dubbed ‘Metaphor’ by the Israel-based security firm NorthBit that created the exploit, it can give hackers the ability to inject malware that could copy, steal and delete data on the device, take over the smartphone’s microphone and camera for spying purposes and even track a user’s movements via GPS.

With the Star Wars craze of the last year, TechCrunch has taken a completely different approach to fan theories surrounding the series, wondering, “How much data do they need to manage in the Death Star?” It is estimated that 1.7 million military personnel (stormtroopers and their commanders, trash compactor operators, etc.) and 400,000 droids were on board the Death Star. This is close to the population of Philadelphia — if you don’t count the droids. The amount of data created each year by all the people here on earth is growing exponentially, and is expected to double each year. In 2012 alone, 2.8 zettabytes of data were collected. By 2020, that number isexpected to have increased to 40 zetabytes. That’s 5,200 GB of data for every person on earth. Using that estimate, TechCrunch figures that the 1.7 million personnel on the Death Star would generate 8.84 exabytes of data per year. If you prefer to express data in factors of 1024 bytes, the number is 8.63 exabytes (or “exbibytes”). Of course, that’s assuming residents of the Death Star generate as much data as a human living in the year 2020, but it’s likely the galaxy far, far away may be far more advanced than that.

Forbes reported on Forrester’s TechRadar methodology, which evaluates the potential success of 10 Big Data techniques, which, the research firm believes, are projected to have “significant success.” In addition, each technology is placed in a specific maturity phase—from creation to decline—based on the level of development of its technology ecosystem. The first 8 technologies above are considered to be in the Growth stage and the last 2 in the Survival stage. Forrester also estimates the time it will take the technology to get to the next stage and predictive analytics is the only one with a “>10 years” designation, expected to “deliver high business value in late Growth through Equilibrium phase for a long time.” Technologies #2 to #8 above are all expected to reach the next phase in 3 to 5 years and the last 2 technologies are expected to move from the Survival to the Growth phase in 1-3 years.

UK and EU policy-makers have urged governments to raise their data capture and analytics game to the level demanded by the digital economy. Charlie Bean, a former deputy governor of the Bank of England, announced the findings of his report into the state of UK economic statistics, under the auspices of the Cabinet Office and the Treasury, on March 11. Meanwhile, the European Parliament debated and passed a resolution on March 10 that urged the European Commission to boost a “data-driven economy” in the European Union. Bean’s report – Independent review of UK economic statistics – commissioned in 2015 by the chancellor George Osborne and the minister for the Cabinet Office Matt Hancock, found that British government statistics need to be recast to capture the economic data characteristics of a digital economy.

Market Research Store has released a new market research report “Global Hadoop-as-a-Service (HaaS) Market Size, Share, Trends, Demand, Analysis, Research, Report, Segmentation and Forecast, 2013 – 2020” to add to its collection of research reports. The report comprises of data storage in the cloud and its analysis through Hadoop without the need to install any infrastructure in the premises. HaaS market has witnessed a tremendous growth in 2013 and has doubled from the market size in 2012. However, it is expected to witness a tremendous growth in the next 7 years, expanding its horizon into the end user industries of conventional Hadoop.

Forbes examines how the use of key performance indicators, in conjunction with the real-time IoT data, creates opportunities for companies to provide new or improved services that are transforming their industries. A few examples include opportunities in risk reduction, especially when trading commodities like energy precious metals, livestock, and in the mining and oil industries, new pricing models such as tiered services from basic to premium, which is beneficial to both consumers and providers, and flexible pricing.

ZDNet examines the new trend of services arising aimed at helping hardware developers connect with experts and suppliers, including HWTRek, which bills itself as a one stop shop for IoT hardware innovators working to manage their product development, connect with manufacturing and supply chain industry experts, and bring their connected device projects to market. The IoT market is expected to reach $1.7 trillion in 2020, up from $655.8 billion in 2014 according to IDC. Meanwhile, the electronics manufacturing services (EMS) industry, including electronics original design services (ODM), should expect revenues of $505 billion in 2019. The source of innovation is shifting to small and medium-sized businesses in these industries due to the obstacles of collaboration in the traditional supply chain model.

Amid the peak of SXSW, Austin, TX has been pinned as a “laboratory for [IIoT 5G] innovation.” RCR Wireless has partnered with leading technologists and industrial Internet of Things and 5G leaders to create a 10-episode, immersive documentary series on the “technologies, vertical markets, policies and investments driving what Goldman Sachs and others have termed the next mega trend, a 4th Industrial Revolution that will make the steam-driven transformation of 1800s look like a blip on the economic radar screen.” In the series, Austin is highlighted for its long history of tech innocation and its established ecosystem required for IIoT 5G innovation, as evidenced by AT&T’s recent selection of the city for its 5G trials and Spectrum Lab, in addition to the University of Texas-Austin and its world-renowned Wireless Networking and Communications group as well as Google’s ongoing deployment of its Google Fiber service and tests of its self-driving vehicles.

According to a new study by IBM and Forbes Insights, cognitive computing will help companies that have experienced the effects of a natural disaster to get back up and running much faster than they were previously able to. IBM provides three ways that cognitive computing can help keep businesses afloat in the event of a natural disaster: predicting/avoiding damages from disasters, analyzing best practices of other companies previously affected by damage, and integrating the cognitive agent into technical support to help businesses get systems back online when there are technical issues.

Datawatch Corporation announced today that it has teamed with IBM to deliver better and faster data access and self-service data preparation to IBM Watson Analytics and IBM Cognos Analytics users. As part of this agreement, IBM will resell Datawatch Monarch, Datawatch’s market-leading self-service data preparation solution, which enables business analysts to rapidly access, manipulate and blend data from the widest variety of sources.

With the growing certainty that cybersecurity vulnerabilities will increase over the next couple of years, Alternative Global Networks (AGNs) is creating a new, more secure internet that will dramatically improve cyber resilience, and at the same time, reduce expenditures on cybersecurity. AGN benefits can include all that software-defined networking (SDN) aim to introduce, such as cost reduction, software-defined packet forwarding, central management, but on a global scale. One of the most important benefits will be simplified virtual management. Virtualization in networking will be similar to that of virtualization in computing, as it will completely revolutionize the paradigm of the existing coupling between hardware and software. This will also simplify implementing security tools.

Ericsson and NEC both came out as vendor partners for NTT DoCoMo’s network functions virtualization plans, including the telecom giant’s recently announced multi-vendor NFV platform. Ericsson said its platform is based on the Open Platform for NFV network architecture and was used for NTT’s commercial service launch. “To maximize benefit of NFV, DoCoMo expects to virtualize many other key components of its mobile network, aiming to eventually establish a fully virtualized network,” explained Seizo Onoe, EVP and CTO at NTT. “I’m convinced that our multi-vendor NFV is the first step toward our goal.”

10Fold Content Newsletter

Popular Post

Our Client – AppDynamics

Get in Touch with 10Fold!

With offices based in San Francisco, the California Bay Area and Southern California, 10Fold Communications is conveniently located in the epicenter of technology innovation.

About

10Fold Communications is a high-tech integrated marketing and public relations agency. We leverage our specialized skills and our well-established media and analyst relations to provide you with far-reaching perspectives, insights and results. We’re dedicated to your success and we have the know-how to make it happen..